twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-02-07T00:00:00

Updated: 2024-11-18T22:49:07.500Z

Reserved: 2021-11-16T00:00:00

Link: CVE-2022-21712

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-07T22:15:08.587

Modified: 2024-11-25T18:12:24.673

Link: CVE-2022-21712

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-02-08T00:00:00Z

Links: CVE-2022-21712 - Bugzilla